Enable HAProxy forwardfor option for Horizon.

Horizon's backends (httpd) see IP address of the haproxy in the logs instead
of the client address.
Adding forwardfor option allows to add the client address to the
X-Forwarded-For HTTP header and can be replace in the logs by configured the
backend servers with this header.

Change-Id: I54f0f5549d64768dacca71539c71a28cc99d9d95

diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp
index f9d0473..70ccbc1 100644 (file)
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@@ -520,6 +520,7 @@ class tripleo::loadbalancer (
       'rsprep'   => '^Location:\ http://(.*) Location:\ https://\1',
       # NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
       'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
+      'option'   => 'forwardfor',
     }
   } else {
     $horizon_bind_opts = {
@@ -528,6 +529,7 @@ class tripleo::loadbalancer (
     }
     $horizon_options = {
       'cookie' => 'SERVERID insert indirect nocache',
+      'option' => 'forwardfor',
     }
   }